Notifying the Public of a Data Breach or Cyber Attack (GDPR Compliant)

This GDPR-compliant template can be published on an organization’s website or as a press release to let the public know about a data breach or cyberattack. There is no obligation under the EU General Data Protection Regulation (GDPR) to issue a public statement. However, the GDPR provides that where it would involve disproportionate effort to notify affected data subjects individually, such notification is not required, but you must instead issue a public communication or similar measure whereby data subjects are informed in an equally effective manner.

READ NOW »

Related Content

• Response to Data Subject Request: Right to Erasure (GDPR Compliant, Able to Comply)
  Use this form to respond to a request by a data subject to have their personal data erased under Article 17 of Retained Regulation (EU) 2016/679, UK GDPR, when you are able to comply with the request.

• Rights of Data Subjects Under the General Data Protection Regulation (GDPR)
  Explore requirements and rights provided to individuals (data subjects), as set out in both the General Data Protection Regulation, Regulation (EU) 2016/679 (EU GDPR), which remains applicable in the EEA, and the United Kingdom General Data Protection Regulation, Retained Regulation (EU) 2016/679 (UK GDPR), applicable under UK laws and largely based on the EU GDPR.

• GDPR Compliance Training Presentation
  Use this information to prepare a presentation to train personnel about the General Data Protection Regulation, Regulation (EU) 2016/679 (EU GDPR) and how to comply with it. 

Practical Guidance Updates

Featuring the latest updates from your Practical Guidance account.   

• Linking and Other Special Issues Checklist
• Personnel File Access Request
• General Data Protection Regulation (GDPR) Regulatory Enforcement Tracker

Experience results today with practical guidance, legal research, and data-driven insights—all in one place.

Experience Lexis+